$17 Chinese Smartwatch Secretly Sends Data Back to its Creators

Security researchers analysing the workings on a ludicrously-cheap Chinese smartwatch have found it acting suspiciously, with the device's pairing app apparently sending data back to a local server.

The watch doesn't come with this feature out of the box, at least. It seems to be activated by a pairing app that buyers are encouraged to install if they want their new watch to sync with their smartphone in the best possible way, with this app then sending unknown data "to China" via its paired connection.

Describing his findings to a security conference and hinting that this might be the beginnings of an outbreak of smart corporate espionage, Michael Raggo said: "We ran dynamic and behavioural analysis [on the pairing app] and discovered that when it was paired, it started communicating outbound over a random IP address to China. We don't know what the IP address is. In terms of corporate espionage, in terms of risk, there's definitely a lot of suspicious behaviours there." [Iron Geek via The Register]